I found a solution. I created a rule in modsec which uses the "exec" command to execute a small command, which in turn runs iptables and blocks the IP address right away. The whole thing works perfectly!

CSF/BFD and the rest of them are too passive in case of a DoS attack, while this solution blocks them immediately.

CODE IS POETRY

Stop hovering to collapse...Click to collapse...Hover to expand...Click to expand...